According to https://stephentanner.com/ssh-yubikey.html to generate a key on my yubikey I should do:
ssh-keygen -t ed25519-sk -O resident -O verify-required -C "Main Key"
I did and touched the yubikey and used an empty password and it generated the _sk file. The blog says it should be a pointer to the actual key inside the yubikey but when I print it, it looks exactly like a secret key:
-----BEGIN OPENSSH PRIVATE KEY-----
... bunch of data
should it indeed be like this?
Do I need to copy this and use on all computers where I want to use the yubikey key? Shouldn’t it defeat the purpose of having the key entirely on the yubikey?
